China Hack Report: Daily US Tech Defense

Podcast Description
This is your China Hack Report: Daily US Tech Defense podcast. China Hack Report: Daily US Tech Defense is your go-to podcast for the latest insights on China-linked cyber activities impacting US interests. Tune in daily to stay informed about newly discovered malware, sectors under attack, and emergency patches. Get expert analysis on official warnings and immediate defensive actions recommended by CISA and other authorities. Stay ahead of cyber threats with our timely updates and strategic insights to safeguard your tech infrastructure. For more info go to https://www.quietplease.ai. Check out these deals https://amzn.to/48MZPjs
Podcast Insights
Content Themes
The podcast primarily covers cyber threats posed by Chinese hacking groups, focusing on specific incidents such as the Salt Typhoon and Volt Typhoon attacks, impacts on telecommunications and infrastructure, emergency patches, and the response of government authorities like CISA.

This is your China Hack Report: Daily US Tech Defense podcast.
Welcome, tech warriors and cyber-enthusiasts! Ting here, your daily source for all things China and cyber, slicing through the digital fog with just the right mix of expertise and caffeine. Let’s not waste a byte—here’s what’s shaking in the past 24 hours on the China Hack Report: Daily US Tech Defense.
First up, we’re deep within what Dakota Cary of SentinelOne dramatically calls China’s “golden age of hacking.” According to security firm CrowdStrike, incidents attributed to Chinese government actors targeting US agencies and infrastructure have absolutely exploded—more than doubling from 2023, and still climbing. These ops aren’t just the typical smash-and-grab. Chinese cyber teams, including the notorious Silk Typhoon and Salt Typhoon crews, have gotten craftier, burrowing into systems and embedding themselves like particularly troublesome software ticks. What’s changed? Beijing has unleashed private industry to join the offensive, meaning hackers aren’t just government employees anymore—they come from a fast-expanding cyber sector intent on scoring big against US interests.
Yesterday brought another wake-up call: CISA hit the red button over CitrixBleed 2, tracked as CVE-2025-5777. This vulnerability in NetScaler gateway devices lets attackers swipe sensitive data, and CISA did not mince words; they gave federal civilian agencies just *one day* to patch, an almost unheard-of move. If you’re listening from any org using Citrix, check your status and scan for indicators of compromise—waiting is not an option. And, as bad as that sounds, it pairs nicely with CISA’s concurrent warning about a critical, still-unpatched train brake vulnerability (CVE-2025-1727), which, if exploited, could hand an attacker train-stopping powers over ICS environments.
It gets wilder: Salt Typhoon just got caught camping in a US Army National Guard unit’s network for nine months starting March 2024. According to Department of Defense reports, these intruders stole network configs, admin credentials, and intercepted communications—a potential windfall for Chinese planners tracking US Guard deployments and cyber defense posture. Elsewhere, Salt Typhoon’s ongoing campaign targeting edge devices at major telecoms—including Comcast—remains a serious risk, with attackers worming through routers and switches to use them as launchpads for broader intrusions.
Chip geeks, don’t tune out—Proofpoint researchers have detailed a fresh surge in China-linked spear-phishing and malware attacks aiming at Taiwan’s semiconductor giants and US investment analysts with a focus on advanced chipmaking. At least three new groups—UNK_FistBump, UNK_DropPitch, UNK_SparkyCarp—plus the persistent UNK_ColtCentury, are dropping custom malware and remote access trojans, often hidden in what look like job-seeker emails from legit university addresses. Analysts at a major US-headquartered international bank were even swept up in the campaign, all as part of Beijing’s grand ambitions to catch up—and maybe leapfrog—on chip tech.
For immediate action, CISA and the FBI stress: patch now, especially Citrix and any ICS devices, monitor for unusual account activity (think new “legit” collaboration accounts suddenly sprouting), and double down on endpoint detection. If your org has any connections to telecom, semiconductor supply chains, or defense, escalate your threat monitoring—these campaigns are highly targeted and patient.
That’s it for today’s digital drama from the frontlines. Thanks for tuning in. Don’t forget to subscribe so you never miss a byte, and stay one step ahead of the hackers targeting America’s most vital systems. This has been a Quiet Please production; for more, check out quiet please dot ai.